我在基本的“更改电子邮件”脚本中使用以下代码。一旦我开始工作,我会更担心验证,但我不能,因为我的生活,找出为什么这不起作用。
<?php
if (isset($_GET['u'])) {
$u = $_GET['u'];
}
if (isset($_POST['e'])) {
var_dump($_GET);
$e = $_POST['e'];
include_once("php_includes/db_conx.php");
$sql = "SELECT * FROM users WHERE username='$u' LIMIT 1";
$query = mysqli_query($db_conx, $sql);
$numrows = mysqli_num_rows($query);
if ($numrows != 0) {
$sql = "UPDATE users SET email='$e' WHERE username='$u' LIMIT 1";
$query = mysqli_query($db_conx, $sql);
echo "changed";
exit();
} else
echo "Server issue";
exit();
}
?>
<script src="js/main.js"></script>
<script src="js/ajax.js"></script>
<script>
function chEmail(){
var e1 = _("email1").value;
var e2 = _("email2").value;
var status = _("status");
if (e1 == "" || e2 == "") {
status.innerHTML = "You need to complete both fields";
} else if (e1 != e2) {
status.innerHTML = "Emails don't match";
} else {
status.innerHTML = 'please wait ...';
var ajax = ajaxObj("POST", "changeEmail.php");
ajax.onreadystatechange = function() {
if(ajaxReturn(ajax) == true) {
if(ajax.responseText != "changed"){
status.innerHTML = ajax.responseText;
} else {
window.scrollTo(0,0);
_("changeEmail").innerHTML = "Email successfully changed";
}
}
}
ajax.send("e="+e1);
}
}
</script>
<form id="changeEmail" name="changeEmail" onSubmit="return false">
<input type="text" id="email1" placeholder="Email"><br>
<input type="text" id="email2" placeholder="Confirm Email">
<span id="status"></span>
<button id="changeEmailBtn" onClick="chEmail()">Change</button>
</form>
网址为http://mydomain.com/change_email.php?u=user
用户肯定在数据库中,我已经仔细检查了表和字段名称
每次返回都是Server issue。
我尝试撤消num_rows if语句(将其设为==而不是!=并切换结果)但得到相同的结果。
我已尝试将$u = $_GET['u'];移至第二个if语句。我尝试在不同的地方回复$u,但它从不显示用户名。
我仍然处于PHP的学习阶段,但我认为我可以管理这么简单的事情!
如果您需要我向我展示我的JavaScript,请告诉我,但据我所知,这似乎没有任何问题。
答案 0 :(得分:0)
我假设ajaxObj是XMLHttpRequest的一个实例,并在您包含的自定义js脚本中定义。
尝试以下方法:
var username = "<?php isset($_GET['u']) ? echo $_GET['u'] : echo '';?>";
var ajax = ajaxObj("GET", "changeEmail.php?u=" + username + "&e=" + e1);
然后在底部简单地放ajax.send()而不是ajax.send("e="+e1);
在你的PHP上:
if (isset($_GET['u'])) {
$u = $_GET['u'];
}
if (isset($_GET['e'])) {
$e = $_GET['e'];
...
}
希望这有帮助!
答案 1 :(得分:0)
您没有在AJAX请求中发送u参数。
尝试在JS中进行这些简单的更改...
var url = _('changeEmail').action;
// snip
var ajax = ajaxObj("POST", url);
并以您的形式(假设这都在同一个PHP文件中)...
<form action="changeEmail.php?u=<?= htmlspecialchars($u) ?>" ...
现在再谈一些内容丰富的问题
<?php
// make sure this is right at the top of your page
// this is to initialise $u so you can safely use it later on
$u = isset($_GET['u']) ? $_GET['u'] : null;
if (isset($_POST['e'], $u)) {
$e = $_POST['e'];
require_once 'php_includes/db_conx.php';
header('Content-type: text/plain');
try {
// couldn't see any reason for the SELECT statement so removed it
// use prepared statements and parameter binding to avoid SQL injection.
$stmt = $db_conx->prepare('UPDATE users SET email = ? WHERE username= ? LIMIT 1');
if (!$stmt) {
// some proper error handling goes a long way
throw new Exception($db_conx->error, $db_conx->errno);
}
$stmt->bind_param('ss', $e, $u);
if (!$stmt->execute()) {
throw new Exception($stmt->error, $stmt->errno);
}
if ($stmt->affected_rows) {
echo 'changed';
} else {
// send proper error response codes
http_response_code(404);
echo 'zero records updated';
}
} catch (Exception $e) {
// turn any exceptions into a usable response
http_response_code(500);
echo $e->getCode(), ': ', $e->getMessage();
}
exit;
}
?>
<!DOCTYPE html>
<htm>
<!-- etc -->